RESTThe Most Misunderstood Software Architecture Ever
Martín SotoFebruary 17, 2015
REST● REpresentational State Transfer
● Roy Fielding, 2000
● Deeply misunderstood! Many systems (mostly APIs) claim to be REST(ful), few really are.
● Abstraction of the World Wide Web.
Richardson’s REST Maturity Model
http://martinfowler.com/articles/richardsonMaturityModel.html
Level 0: Plain, Old RPC
http://martinfowler.com/articles/richardsonMaturityModel.html
Plain, Old Remote Procedure Call (RPC)
Level 0: Remote Procedure Call (RPC)
Caller Callee
Procedure call
Return value
Caller execution
Caller continues
Procedure execution
Netw
ork
CorbaDCOMjava RMI...
HTTP
Level 0
Level 0: RPC over HTTP
● Only one URL (e.g., http://example.com/api/v1)
● Procedure name and parameters passed as request payload.
● Return value returned as response.
Level 0: ExampleAmazon Elastic Computing Cloud (EC2) API
Level 1: Resources
http://martinfowler.com/articles/richardsonMaturityModel.html
Level 1: Resources
Company 1
Company 7
Company 33
User 4
User 28
User 13 User 5
User 62
User 44
User 99
User 63
Security policy 22
Security policy 85
http://api.com/companies/1
http://api.com/users/63
http://api.com/policies/85
http://api.com/companies/33
http://api.com/companies/7
http://api.com/users/63http://api.com/users/63
http://api.com/users/63
http://api.com/users/63
http://api.com/users/63
http://api.com/users/63
http://api.com/users/63
http://api.com/policies/85
Level 2: HTTP Verbs
http://martinfowler.com/articles/richardsonMaturityModel.html
Level 2: HTTP Methods
POST Create new resource (when POSTing to a collection) or execute especial operation on resource.
GET Read the contents of resource (the resource representation)
PUT Upload new resource contents replacing any previous contents. Also, create a resource if previously nonexistent.
DELETE Delete the resource.
Level 2: ExampleGoogle Calendar API
But…The Web is
interconnected...
It’s the hypertext,
stupid!
Hypertext: HTML
<HTML>
<HEAD>
<TITLE>Your Title Here</TITLE>
</HEAD>
<BODY BGCOLOR="FFFFFF">
<CENTER><IMG SRC="clouds.jpg" ALIGN="
BOTTOM"> </CENTER>
<HR>
<a href="http://somegreatsite.com">Link
Name</a>
is a link to another nifty site
<H1>This is a Header</H1>
<H2>This is a Medium Header</H2>
Send me mail at <a href="mailto:
[email protected]</a>.
<P> This is a new paragraph!
<P> <B>This is a new paragraph!</B>
<BR> <B><I>This is a new sentence without
a paragraph break, in bold italics.
</I></B>
<HR>
</BODY>
</HTML>
Level 3: Hypermedia
http://martinfowler.com/articles/richardsonMaturityModel.html
HATEOASHypertext As The
Engine of Application State
“What needs to be done to make the REST architectural style clear on the notion that hypertext is a constraint?
In other words, if the engine of application state (and hence the API) is not being driven by hypertext, then it cannot be RESTful and cannot be a
REST API. Period. Is there some broken manual somewhere that
needs to be fixed?
Roy Fielding
http://roy.gbiv.com/untangled/2008/rest-apis-must-be-hypertext-driven
Programming with Hypermedia?
http://martinfowler.com/articles/richardsonMaturityModel.html
??? ???
Hypermedia for Data APIs
The Web<HTML>
<HEAD>
<TITLE>Your Title Here</TITLE>
</HEAD>
<BODY BGCOLOR="FFFFFF">
<CENTER><IMG SRC="clouds.jpg" ALIGN="BOTTOM"> </CENTER>
<HR>
<a href="http://somegreatsite.com">Link Name</a>
is a link to another nifty site
<H1>This is a Header</H1>
<H2>This is a Medium Header</H2>
...
Data APIs
?
Example
Putting Hypermedia to Good Use: Regional Privacy
EU Web Service
US Web Service CN Web
Service
What we got from hypermedia
API is independent of data locationWe were able to introduce this structure without breaking our API contract: Resource location becomes an implementation detail
Data privacy becomes evidentCustomers can verify where their data is located by just looking at the requests their clients are running.
All customers can be handled equallyAs long as you stick to a format, you can serve it from wherever you like and clients will handle it.
APIVersioningWe can evolve the API by providing new fields pointing to new resources or formats. As long as the older fields are preserved, older clients will continue to work.
Example
Federated Systems: Initial System
Relational DB (MySQL)
Example
Federated Systems: Fast Caching
Relational DB (e.g., MySQL)
Key-value Store (e.g., Redis)
Example
Federated Systems: Microservices
Microservice 1
Microservice 2
Microservice 3
Example
Federated Systems: SaaS
Customer 1 Customer 2
Customer 3
High-capacity cloud instance
Low-capacity cloud instance
In-premise, dedicated hardware
The (Not-So-Exiting) Present
● Many more APIs are going the hypermedia wayGitHub, Nike, PayPal.
● Documentation for popular APIs still specifies URLsAPI providers make resource locations part of the API contract probably to appease programmers.
● Server frameworks and client libraries are getting better at hypermediaThe improvement has been significant in the last two or three years.
Wrap Up
✓
Thanks!...and welcome to the discussion
Martín Soto@msotoweb
http://martinsoto.co
Credits
Presentation template by SlidesCarnival
“Linked Web” picture courtesy Chris 73 / Wikimedia Commons, shared under Creative Commons Attribution-Share Alike 3.0.
World map outline © Copyright Showeet.com, CC Attribution.
For other credits, follow the links on the corresponding slides.